ICS & Computer Security for Nuclear Facilities
Refer to NSS-17 and NST036
Content
• Nuclear Security Series No 17
• NST036 – Computer Security of Nuclear I&C Systems
• Interface with Safety Guides
• Scope
• Key Principles
• Sample Measures and Controls
NSS-17
Computer Security for Nuclear Facilities
Review of Nuclear Security Series
• NSS No.17 Computer Security for Nuclear Facilities
• NST036 Computer Security of Nuclear I&C Systems
Review of NSS No. 17
– Awareness publication
– Safety I&C systems are assigned Levels 1 to 3
– No categorization hierarchy provided for PPS
– Security Objective is not stated for many computer security measures
– Risk assessment in general terms
– Non-safety items may impact on safety systems and require protection
Review NSS No. 17 - Example
EXAMPLE
– Zone 1: Safety relevant digital and software based I&C systems
– Zone 2: Process-control and Process-computing systems
e.g. 2A = Reactor near area, 2B = Main Control Room
– Zone 3: Administrative computer systems
e.g. 3A = Physical Protection Systems
3B = Telecommunication Systems
– Zone 4: External systems
e.g. 4A = Systems for Internet Services and data exchange
Comparing IT and I&C Systems
NST036
Computer Security of I&C Systems at Nuclear Facilities
What does NSS17 not provide?
1. Coherence with IAEA Safety Guides
2. Robust Risk Assessment Method
3. Safety and Security Considerations when applying security controls – unique to Nuclear I&C.
4. Computer Security measures for the entire I&C System lifecycle.
5. Goal based guidance
Approved for Publication
NST036 – Computer Security of I&C Systems
– Nuclear I&C designers have robust processes in place to ensure systems
provide for safe, reliable, and deterministic behavior.
– NST036 aims to overlay security considerations on top of these processes to
meet safety and security objectives.
– Developed in tandem with SSG-37 and SSG-39, the IAEA Safety Guides for I&C
systems at NPPs and RRs.
NST036 Objective
– Aims to provide guidance on computer security for I&C systems at
nuclear facilities.
– This guidance includes safety and security considerations which
have to be addressed in order to provide security throughout the
life cycle of an I&C system.
– Application of this guidance may also benefit safety and
operational performance of nuclear facilities.
NST036 Scope
– The application of computer security measures to I&C systems
which provide safety or auxiliary functions at nuclear facilities.
– I&C systems used for Nuclear material accounting and control
(NMAC) or nuclear security, such as physical protection and
security monitoring, where applicable.
– Considers the application of computer security measures to the
development, simulation and maintenance environments.
Potential Consequences
The effects of compromise on a system's functions, arranged from
worst to best case, are:
i. Function is indeterminate
ii. Function has unexpected behaviours or actions
iii. Function fails
iv. Function performs as expected (i.e. fault tolerant)
Compromise examples
– Failure (e.g. denial of service / loss of function): blocks the operator's ability to
observe and/or respond to changing system conditions, or slows the system to
a crawl.
– Interception (man in the middle): interception and modification of the data
stream between nodes.
– Unobserved system monitoring/modification: unauthorized access and
data recording/modification.
– Operator spoofing leading to incorrect action: causing the operator to take an
incorrect action. Direct manipulation of the computer/control system.
Ref: Tutănescu, Ion, Ass. Prof., Ph.D., Prof. Emil Sofron, Ph.D., Anatomy and Types of Attacks against
Computer Networks, Department of Electronics and Computers, University of Pitești, ROMANIA.
Safety-Security Considerations
– Computer security measures that protect the human–system
interface (HSI) should be implemented so that they do not
adversely affect the operators’ ability to maintain the safety of the
facility.
– Adverse impacts such as the interception and modification of
process data sent to the HSI (e.g. spoofing) with the aim of preventing
or delaying the operator from actuating a safety function (e.g. a
manual trip) should also be considered.
Safety-Security Considerations
– If there is a conflict between safety and security, then design
considerations taken to assure safety should be maintained
provided that a compatible solution to ensure security is pursued.
– Compensatory computer security measures should be
implemented to reduce the risk to an acceptable level and be
supported by a comprehensive justification and security risk
analysis.
– The implemented measures should not rely solely upon
administrative controls for an extended period.
– The absence of a security solution should never be accepted.
Review – Computer Security Measures
Types of protective measures
– Administrative Controls – policy, procedures and practices designed to
safeguard computer systems through personnel behaviors. These are
directive in nature specifying what employees should and should not do.
– Physical Controls – physical barriers for the protection of computer and
supporting assets from physical damage and physical access. (fences,
physical protection systems, locks, doors, guards, fire protection)
– Technical Controls – computer hardware/software solutions for the
protection, detection, mitigation and recovery from intrusion or malicious
acts. (e.g. firewalls, IDS, anti-virus software, access control)
Facility Level Risk Assessment
– Applies to all I&C systems.
– Determine the effects that may result from cyber-attacks which
successfully exploit vulnerabilities in the system.
– Identifies facility I&C systems (including supporting and complementary
systems) that, if compromised, could have an adverse effect on safety,
security of nuclear material, or accident management.
System Level Risk Assessment
– I&C system components should be assessed and assigned to the
appropriate security level based upon the security risk assessment.
– Malicious actions that could change process signals, equipment
configuration data, or software should be considered in the I&C system
security risk assessment.
– Cyber-attack should be considered as an event that may occur at any point
during the I&C system life cycle.
NST036 – General Guidance
NST036 (All I&C systems)
– Identify and document the standards and procedures that will conform with the
applicable security policies to ensure the system design products (hardware, software,
and firmware) minimize:
– undocumented code (e.g. back door coding),
– malicious code (e.g. intrusions, viruses, worms, Trojan horses or bomb codes), and
– other unwanted, unnecessary or undocumented functions or applications with the aim of
minimizing attack surface.
NSS 17 (Computer Security Plan components)
– Platform and application security (e.g. hardening);
System Hardening
Definition
– The process of securing a system by reducing its surface of vulnerability, which is larger
when a system performs more functions;
– Reducing available ways of attack typically includes changing default passwords, the
removal of unnecessary software, unnecessary usernames or logins, and the disabling
or removal of unnecessary services.
How it Works
– Principle that a single-function system is more secure than a multipurpose one.
– Options: Kernel Patch, Closing Network Ports, IDS/IPS
– Hardening Scripts/Applications (MBSA, Lynis, Bastille)
System Hardening Example
– Nessus scanner used to identify vulnerabilities and missing patches.
– Hardening of System removed all Critical Vulnerabilities and reduced overall risk.
Ref: J. Sladek - OPG
http://www.tenable.com/products/nessus-vulnerability-scanner
Security Architecture
– Highest security level (i.e. requiring the greatest degree of security) should only be
connected to systems in lower protection categories via fail-secure, deterministic,
unidirectional data communication pathways.
– The direction of these data pathways should be limited to transmission of data from
the highest security level to the devices in the lower security levels (i.e. lower levels are
not allowed to transmit data to the higher level).
– Exceptions are strongly discouraged and may only be considered on a strict case by
case basis and if supported by a complete justification and security risk analysis.
– Aligns with NSS No. 17
Potential Control (Data Diode)
– Data diodes use physical means to ensure that data can only flow in one direction.
– This prevents the use of any protocol that requires handshaking (including TCP/IP).
– Designs using data diodes must consider the possibility that data packets will be
dropped. This can be addressed through redundancy and error correction codes.
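The redundancy point above in working form: an added example (not from NST036, NSS-17 or any diode vendor) of a one-way transfer in which the sender numbers each message and repeats it, and the receiver verifies, de-duplicates and reports gaps without any return channel. The frame layout, the repeat count and the sample messages are constructed.

```python
"""One-way transfer over a data diode: sequence numbers, repetition and a
receiver-side integrity check so dropped or damaged frames are detected
without any return channel. Added example, not from NST036/NSS-17; the frame
layout, the repeat count and the sample messages are constructed."""
import hashlib
import struct

MAGIC = b"DIODE1"          # constructed frame marker
REPEATS = 3                # each frame is sent this many times (assumption)
HEADER_LEN = len(MAGIC) + 6
DIGEST_LEN = 32


def encode_frame(seq: int, payload: bytes) -> bytes:
    """Frame = MAGIC | seq (u32) | length (u16) | payload | SHA-256 over the rest.
    The digest is not a signature; it only lets the receiver reject corruption."""
    header = MAGIC + struct.pack("!IH", seq, len(payload))
    return header + payload + hashlib.sha256(header + payload).digest()


def decode_frame(frame: bytes):
    """Return (seq, payload), or None if the frame is truncated or corrupt."""
    if len(frame) < HEADER_LEN + DIGEST_LEN or frame[:len(MAGIC)] != MAGIC:
        return None
    seq, plen = struct.unpack("!IH", frame[len(MAGIC):HEADER_LEN])
    end = HEADER_LEN + plen
    if len(frame) != end + DIGEST_LEN:
        return None
    if hashlib.sha256(frame[:end]).digest() != frame[end:]:
        return None
    return seq, frame[HEADER_LEN:end]


def send(messages):
    """High-side sender: number each message and emit it REPEATS times.
    It never learns what arrived, so redundancy is its only loss protection."""
    frames = []
    for seq, msg in enumerate(messages):
        frames.extend([encode_frame(seq, msg)] * REPEATS)
    return frames


def receive(frames, expected_count):
    """Low-side receiver: verify, de-duplicate by sequence number and report
    which sequence numbers never arrived. Returns (payloads, missing, corrupt)."""
    delivered, corrupt = {}, 0
    for frame in frames:
        decoded = decode_frame(frame)
        if decoded is None:
            corrupt += 1          # if every copy is damaged it shows up as a gap
            continue
        seq, payload = decoded
        delivered.setdefault(seq, payload)   # first good copy wins
    missing = sorted(set(range(expected_count)) - set(delivered))
    payloads = [delivered[s] for s in sorted(delivered)]
    return payloads, missing, corrupt


if __name__ == "__main__":
    msgs = [b"alarm 1", b"alarm 2", b"alarm 3"]       # constructed sample
    frames = send(msgs)
    # Simulate a link that loses every copy of message 1.
    lossy = [f for i, f in enumerate(frames) if i // REPEATS != 1]
    print(receive(lossy, len(msgs)))   # -> ([b'alarm 1', b'alarm 3'], [1], 0)
```

The `missing` list is what a low-side monitoring system would alarm on, since the high side cannot be asked to retransmit.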
Data Diodes
Data Diodes create one-way traffic between two networks!
Data Diodes
– Data diodes can protect systems from network-based attacks.
– They do not protect against malware from mobile devices or removable media.
– Data diodes do not protect confidentiality of data that is transmitted over the network.
– If configured correctly, security event messages can be sent through the diode to a
central logging and monitoring system.
NST036 – Operations and Maintenance
NST036 (All I&C systems)
– Operations and maintenance activities should be analysed to ensure that computer
security measures are implemented to prevent introduction of malicious software to
the I&C system.
NSS 17 (Security Level 1)
– Strict organizational and administrative procedures apply to any modifications,
including hardware maintenance, updates and software modifications.
Potential Control - Application Whitelisting
Definition
– Only software which is on a list of software that is considered safe to run is permitted
to run. All other software is blocked.
How it Works
– A signature is generated and stored in the whitelist. The signature typically is the output of a
cryptographic function applied to the program.
– When the program is run, the signature is recalculated and compared to the whitelist.
– If a program is changed then the signature will change and the program will be blocked.
– Any new program installed on the system will not have a signature and will be blocked.
Potential Control - Application Whitelisting
Advantages
– Only requires signature file updates when the software is modified
– Deterministic behavior - the time to generate the signature is the same every time.
Disadvantages
– Inappropriate design may impede the ability of a system to respond as per its design requirements. Care
should be taken in designing the whitelist.
– Hard to use in an environment where programs are changed frequently.
– May not be effective against programs that insert themselves into memory.
– Not effective for interpreted programs: the interpreter will be whitelisted, but its input files will not be.
For example:
python < badscript.py
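The hash-and-compare mechanism from the two whitelisting slides, and the interpreter gap just shown, as an added example (not from NST036/NSS-17 or any whitelisting product). The files, the whitelist and the command lines are constructed in a temporary directory; the "python" entry is a stand-in file for the real interpreter.

```python
"""Hash-based application whitelisting: enrol approved programs, recompute
the hash at run time, block anything unknown or modified. Added example,
not from NST036/NSS-17; all files and verdict strings are constructed."""
import hashlib
import os
import tempfile


def file_digest(path: str) -> str:
    """The 'signature' kept in the whitelist: SHA-256 of the file contents."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_whitelist(paths):
    """Enrolment: path -> digest taken at approval time."""
    return {p: file_digest(p) for p in paths}


def check_program(path: str, whitelist: dict) -> str:
    """Run-time check: the digest is recomputed and compared to the enrolled one."""
    if path not in whitelist:
        return "BLOCK: not enrolled"
    if not os.path.exists(path):
        return "BLOCK: missing"
    if file_digest(path) != whitelist[path]:
        return "BLOCK: modified"
    return "ALLOW"


def check_command(argv, whitelist, interpreters=frozenset()) -> str:
    """Policy for a whole command line. Naive whitelisting looks only at
    argv[0]; if argv[0] is a known interpreter, the script file must also be
    enrolled. Input on stdin (python < badscript.py) is not a file argument,
    so an interpreter invoked without a script cannot be verified and is blocked."""
    verdict = check_program(argv[0], whitelist)
    if verdict != "ALLOW":
        return verdict
    if argv[0] in interpreters:
        scripts = [a for a in argv[1:] if not a.startswith("-")]
        if not scripts:
            return "BLOCK: interpreter without verifiable script"
        for script in scripts:
            v = check_program(script, whitelist)
            if v != "ALLOW":
                return "BLOCK: script " + v[len("BLOCK: "):]
    return "ALLOW"


def demo():
    """Constructed lab: an approved control application, an approved
    interpreter stand-in and an unapproved script. Returns the verdicts."""
    with tempfile.TemporaryDirectory() as d:
        def mk(name, data):
            p = os.path.join(d, name)
            with open(p, "wb") as f:
                f.write(data)
            return p
        app = mk("ctrl_app", b"#!/bin/sh\necho control loop\n")
        interp = mk("python", b"#!/bin/sh\n# stands in for the real interpreter\n")
        bad = mk("badscript.py", b"print('not approved')\n")
        wl = build_whitelist([app, interp])
        results = {"approved app": check_program(app, wl)}
        with open(app, "ab") as f:          # tamper with the approved binary
            f.write(b"# patched\n")
        results["modified app"] = check_program(app, wl)
        results["new program"] = check_program(bad, wl)
        # Naive policy: only argv[0] is checked, so the unapproved script runs.
        results["naive: python badscript.py"] = check_command([interp, bad], wl)
        # Interpreter-aware policy: the script must be enrolled too.
        results["strict: python badscript.py"] = check_command(
            [interp, bad], wl, interpreters={interp})
        # Script fed on stdin: nothing to hash, so the strict policy refuses it.
        results["strict: python < badscript.py"] = check_command(
            [interp], wl, interpreters={interp})
        return results


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:32} {verdict}")
```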
NST036 – Operations and Maintenance
NST036 (All I&C systems)
– Calibration, testing and maintenance activities may involve the use of removable media
and mobile devices. Computer security measures should include considerations for:
– The implementation of effective administrative and technical controls in the safe and secure handling
of the digital devices.
– Verification of the integrity of all control set points with the aim to prevent and protect them from
undesired changes; and
– Use of qualified personnel (including 3rd parties) that have received training in performance of these
activities based on computer security requirements.
NSS 17 (Security Level 1)
– Removable media must be controlled in accordance with security operating procedures.
– Every data entry to the systems is approved and verified on a case by case basis
– Measures to ensure the integrity and availability of the systems are typically explained as a part of the
safety cases.
Potential Control - Logfile based IDS
Function
– Active device that analyses logfiles from one or more systems to identify security events.
Advantages
– Inexpensive and easy to use
Disadvantages
– The systems being monitored must support remote access to event logs or remote
transmission of events to the IDS. This may not be possible on legacy ICS systems.
– Different structure and format of logfiles for different systems.
Network Intrusion Detection System
A network based IDS is a device which analyzes network traffic to identify intrusion.
– Does not require changes to the ICS.
– Intrusion detection signatures are required.
– The signatures for ICS systems are different from signatures used in corporate
environments.
– IDS aimed at corporate environments assume that there is a rigorous patch process in
place, and old signatures are dropped to maintain adequate performance. This is not the
case with ICS.
– ICS specific signatures must be used to protect I&C equipment.
– When ICS network traffic is deterministic and uses limited protocols, effective rules can be
developed which identify anomalous traffic.
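The last point in working form: an added example (not from NST036/NSS-17 or any IDS product) of allowlist rules over deterministic ICS traffic. The hosts, the baseline and the flow records are constructed; the Modbus/TCP function codes are the standard ones (3/4 reads, 5/6/15/16 writes).

```python
"""Allowlist rules for deterministic ICS traffic, as a network IDS on a span
port would apply them: known conversations, expected function codes per
conversation, who may write, and the expected polling period. Added example,
not from NST036/NSS-17; hosts, baseline and flow records are constructed."""
from collections import namedtuple

# One observed request: timestamp, endpoints, and the application-layer
# function code (None for non-Modbus traffic).
Flow = namedtuple("Flow", "ts src dst proto dport func")

HMI, ENG, HIST = "10.0.1.10", "10.0.1.20", "10.0.1.50"   # constructed hosts
PLC1, PLC2 = "10.0.2.21", "10.0.2.22"
WRITE_FUNCS = {5, 6, 15, 16}          # Modbus coil/register write codes

# Engineered baseline (assumption): which conversations exist and which
# function codes each may carry. Only the engineering station writes.
BASELINE = {
    (HMI, PLC1, "tcp", 502): {3, 4},
    (HMI, PLC2, "tcp", 502): {3, 4},
    (ENG, PLC1, "tcp", 502): {3, 4} | WRITE_FUNCS,
    (HIST, HMI, "tcp", 8080): {None},
}
# Expected polling period per conversation; polls well above the expected
# rate suggest a flood or replay rather than the normal HMI scan.
PERIODS = {(HMI, PLC1, "tcp", 502): 1.0, (HMI, PLC2, "tcp", 502): 1.0}


class Monitor:
    def __init__(self, baseline, periods, write_funcs, engineering_host):
        self.baseline = baseline
        self.periods = periods
        self.write_funcs = write_funcs
        self.engineering = engineering_host
        self.last_seen = {}

    def evaluate(self, flow):
        """Return the alerts raised by one flow record ([] if it matches baseline)."""
        key = (flow.src, flow.dst, flow.proto, flow.dport)
        allowed = self.baseline.get(key)
        if allowed is None:
            return [f"{flow.ts}: unknown conversation "
                    f"{flow.src}->{flow.dst}:{flow.dport}/{flow.proto}"]
        alerts = []
        if flow.func not in allowed:
            alerts.append(f"{flow.ts}: unexpected function code {flow.func} "
                          f"on {flow.src}->{flow.dst}")
        if flow.func in self.write_funcs and flow.src != self.engineering:
            alerts.append(f"{flow.ts}: register write (fc {flow.func}) "
                          f"from non-engineering host {flow.src}")
        period = self.periods.get(key)
        prev = self.last_seen.get(key)
        self.last_seen[key] = flow.ts
        if period is not None and prev is not None and flow.ts - prev < 0.5 * period:
            alerts.append(f"{flow.ts}: poll interval {flow.ts - prev:.2f}s below "
                          f"expected {period}s on {flow.src}->{flow.dst}")
        return alerts

    def run(self, flows):
        return [a for f in flows for a in self.evaluate(f)]


# Constructed capture: normal scan cycle, one engineering write, then four
# deviations (a burst poll, an HMI write, a stranger, SSH to a PLC).
SAMPLE = [
    Flow(1.0, HMI, PLC1, "tcp", 502, 3),
    Flow(1.0, HMI, PLC2, "tcp", 502, 4),
    Flow(1.5, HIST, HMI, "tcp", 8080, None),
    Flow(2.0, HMI, PLC1, "tcp", 502, 3),
    Flow(2.0, ENG, PLC1, "tcp", 502, 16),
    Flow(2.1, HMI, PLC1, "tcp", 502, 3),
    Flow(3.0, HMI, PLC1, "tcp", 502, 16),
    Flow(3.2, "10.0.3.99", PLC1, "tcp", 502, 3),
    Flow(3.5, HMI, PLC1, "tcp", 22, None),
]


def sample_alerts():
    return Monitor(BASELINE, PERIODS, WRITE_FUNCS, ENG).run(SAMPLE)


if __name__ == "__main__":
    for line in sample_alerts():
        print(line)
```

The baseline is the expensive part: it has to come from the plant's own documented conversations, not from a corporate signature feed.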
Host based IDS
– Host based firewall can identify new network communications and block them by default.
An alert can be generated.
– Antivirus may be used to block malicious software based on a blacklist. This may not work
so well in an ICS environment:
– Scanning is non-deterministic based on number of signatures.
– Requires regular signature updates and may require scanning engine updates.
– Vendors assume patching in place so old signatures are dropped.
– When base O/S goes out of support, antivirus vendors will drop support for the O/S. No new signatures,
no updates to the engine.
– Host-based IDS may also interpret network traffic in real time based on signatures and
block traffic.
– These solutions all require software to be installed on the system to be protected.
Additional system loading may affect real-time performance. May also block needed
software from running.
NST036 – Vendors
– Vendor and sub-vendor organizations should have robust and verifiable computer security processes.
– Computer security requirements and controls should be met and applied respectively by vendors including
support provided on site, at the vendor’s workplace, and during any transit or storage of purchased goods.
– The vendor should have a computer security management process.
– The applicable requirements for computer security at sites where a vendor performs activities with I&C
systems should be clearly and contractually specified based on security level by the operator.
– A process should exist between the facility (i.e. operators) and vendor for either organization to report
vulnerabilities and to coordinate response and mitigation efforts.
– The vendor should demonstrate that they have a credible mechanism for receiving reports of vulnerabilities,
assessing them and reporting them to the nuclear facility during the entire period of their contractual
service. This may extend beyond any normal warranty period to support the life cycle of the installed
equipment.
– Audits and assessment of vendors responsible for I&C design, development, integration, and maintenance
should be conducted and the results reported to the operator.
NSS 17 vs. NST036
The End
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
 
AKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes ---  Unit 3.pdfAKTU Computer Networks notes ---  Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdf
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park  6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park  6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptx
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
 
UNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular ConduitsUNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular Conduits
 

– Aims to provide guidance on computer security for I&C systems at nuclear facilities.
– This guidance includes safety and security considerations which have to be addressed in order to provide security throughout the life cycle of an I&C system.
– Application of this guidance may also benefit safety and operational performance of nuclear facilities.
NST036 Scope
– The application of computer security measures to I&C systems which provide safety or auxiliary functions at nuclear facilities.
– I&C systems used for nuclear material accounting and control (NMAC) or nuclear security, such as physical protection and security monitoring, where applicable.
– Considers the application of computer security measures to the development, simulation and maintenance environments.
Potential Consequences
The effects of compromise on a system's functions, arranged from worst to best case, are:
i. Function is indeterminate
ii. Function has unexpected behaviours or actions
iii. Function fails
iv. Function performs as expected (i.e. fault tolerant)
Compromise examples
– Failure (e.g. denial of service / loss of function): block the operator's ability to observe and/or respond to changing system conditions, slow the system to a crawl.
– Interception (man in the middle): interception and modification of the data stream between nodes.
– Unobserved system monitoring/modification: unauthorized access and data recording/modification.
– Operator spoofing leading to incorrect action: causing the operator to take incorrect action.
– Direct manipulation of the computer/control system.
Ref: Tutănescu, Ion, Ass. Prof., Ph.D., Prof. Emil Sofron, Ph.D., Anatomy and Types of Attacks against Computer Networks, Department of Electronics and Computers, University of Piteşti, ROMANIA.
Safety-Security Considerations
– Computer security measures that protect the human–system interface (HSI) should be implemented so that they do not adversely affect the operators' ability to maintain the safety of the facility.
– Adverse impacts such as the interception and modification of process data to the HSI (e.g. spoofing) with the aim of preventing or delaying the operator from actuating a safety function (e.g. manual trip) should also be considered.
Safety-Security Considerations
– If there is a conflict between safety and security, then design considerations taken to assure safety should be maintained, provided that a compatible solution to ensure security is pursued.
– Compensatory computer security measures should be implemented to reduce the risk to an acceptable level and be supported by a comprehensive justification and security risk analysis.
– The implemented measures should not rely solely upon administrative controls for an extended period.
– The absence of a security solution should never be accepted.
Review – Computer Security Measures
Types of protective measures
– Administrative Controls – policy, procedures and practices designed to safeguard computer systems through personnel behaviours. These are directive in nature, specifying what employees should and should not do.
– Physical Controls – physical barriers for the protection of computer and supporting assets from physical damage and physical access (fences, physical protection systems, locks, doors, guards, fire protection).
– Technical Controls – computer hardware/software solutions for the protection, detection, mitigation and recovery from intrusion or malicious acts (e.g. firewalls, IDS, anti-virus software, access control).
Facility Level Risk Assessment
– Applies to all I&C systems.
– Determine the effects that may result from cyber-attacks which successfully exploit vulnerabilities in the system.
– Identifies facility I&C systems (including supporting and complementary systems) that, if compromised, could have an adverse effect on safety, security of nuclear material, or accident management.
System Level Risk Assessment
– I&C system components should be assessed and assigned to the appropriate security level based upon the security risk assessment.
– Malicious actions that could change process signals, equipment configuration data, or software should be considered in the I&C system security risk assessment.
– Cyber-attack should be considered as an event that may occur at any point during the I&C system life cycle.
NST036 – General Guidance
NST036 (All I&C systems)
– Identify and document the standards and procedures that will conform with the applicable security policies to ensure the system design products (hardware, software, and firmware) minimize:
– undocumented code (e.g. back door coding),
– malicious code (e.g. intrusions, viruses, worms, Trojan horses or bomb codes), and
– other unwanted, unnecessary or undocumented functions or applications, with the aim of minimizing attack surface.
NSS 17 (Computer Security Plan components)
– Platform and application security (e.g. hardening);
System Hardening
Definition
– The process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions.
– Reducing available ways of attack typically includes changing default passwords, the removal of unnecessary software, unnecessary usernames or logins, and the disabling or removal of unnecessary services.
How it Works
– Principle that a single-function system is more secure than a multipurpose one.
– Options: kernel patch, closing network ports, IDS/IPS
– Hardening scripts/applications (MBSA, Lynis, Bastille)
System Hardening Example
– Nessus scanner used to identify vulnerabilities and missing patches.
– Hardening of the system removed all Critical vulnerabilities and reduced overall risk.
Ref: J. Sladek - OPG http://www.tenable.com/products/nessus-vulnerability-scanner
Security Architecture
– The highest security level (i.e. requiring the greatest degree of security) should only be connected to systems in lower protection categories via fail-secure, deterministic, unidirectional data communication pathways.
– The direction of these data pathways should be limited to transmission of data from the highest security level to the devices in the lower security levels (i.e. lower levels are not allowed to transmit data to the higher level).
– Exceptions are strongly discouraged and may only be considered on a strict case-by-case basis and if supported by a complete justification and security risk analysis.
– Aligns with NSS No. 17
Potential Control (Data Diode)
– Data diodes use physical means to ensure that data can only flow in one direction.
– This prevents the use of any protocol that requires handshaking (including TCP/IP).
– Designs using data diodes must consider the possibility that data packets will be dropped. This can be addressed through redundancy and error correction codes.
Data Diodes
Data diodes create one-way traffic between two networks!
Data Diodes
– Data diodes can protect systems from network-based attacks.
– They do not protect against malware from mobile devices or removable media.
– Data diodes do not protect the confidentiality of data that is transmitted over the network.
– If configured correctly, security event messages can be sent through the diode to a central logging and monitoring system.
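As an added example (not code from the slides, the IAEA or any diode vendor), a sender and receiver for the one-way pathway described above: with no return path there is no handshake or retransmission, so sequence numbers expose gaps and a per-block XOR parity frame recovers a single lost frame, which is the redundancy plus error-correction approach the slide calls for. The frame layout, block size, sample event lines and loss pattern are assumptions constructed for the example.

```python
import struct
import zlib

# Added example for this page, not vendor or IAEA code: sender and receiver for a
# one-way (data diode) link. No return path means no ACKs or retransmits, so loss
# is handled with sequence numbers (gaps) and a per-block XOR parity frame.

BLOCK = 4   # data frames per parity block (assumption for the example)
SLOT = 64   # fixed payload slot so the XOR parity lines up (assumption)
HDR = struct.Struct(">HBH")  # seq, kind (0 = data, k > 0 = parity over k frames), length

def frame(seq, kind, n, slot):
    body = HDR.pack(seq, kind, n) + slot          # fixed-size slot keeps parity aligned
    return body + struct.pack(">I", zlib.crc32(body))

def parse(f):
    body, crc = f[:-4], struct.unpack(">I", f[-4:])[0]
    if zlib.crc32(body) != crc:
        return None  # corrupted frame: treated like a dropped one
    seq, kind, n = HDR.unpack(body[:HDR.size])
    return seq, kind, n, body[HDR.size:]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def send(messages):
    """Number data frames from 0 and append one parity frame per block."""
    out, seq = [], 0
    for i in range(0, len(messages), BLOCK):
        chunk, pslot, pn = messages[i:i + BLOCK], bytes(SLOT), 0
        for m in chunk:
            assert len(m) <= SLOT
            slot = m.ljust(SLOT, b"\0")
            out.append(frame(seq, 0, len(m), slot))
            pslot, pn, seq = xor(pslot, slot), pn ^ len(m), seq + 1
        out.append(frame(i // BLOCK, len(chunk), pn, pslot))  # parity frame
    return out

def receive(frames):
    """Return (messages in sequence order, seq numbers that could not be recovered)."""
    data, parity = {}, {}
    for f in frames:
        p = parse(f)
        if p:
            (parity if p[1] else data)[p[0]] = p
    maxseq, lost = max(data, default=-1), []
    for b in range(max([maxseq // BLOCK + 1] + [i + 1 for i in parity])):
        if b in parity:
            _, k, pn, pslot = parity[b]
            seqs = range(b * BLOCK, b * BLOCK + k)
        else:  # parity lost too: only gaps up to the last frame seen are visible
            seqs = range(b * BLOCK, min(b * BLOCK + BLOCK, maxseq + 1))
        missing = [s for s in seqs if s not in data]
        if b in parity and len(missing) == 1:  # single loss: XOR it back
            for s in seqs:
                if s in data:
                    pslot, pn = xor(pslot, data[s][3]), pn ^ data[s][2]
            data[missing[0]] = (missing[0], 0, pn, pslot)
        else:
            lost += missing
    return [data[s][3][:data[s][2]] for s in sorted(data)], lost

def demo():
    """Constructed security-event lines from a Level 1 system to a monitoring network."""
    lines = [f"2024-01-01T00:00:{i:02d} plc01 auth: event {i}".encode() for i in range(7)]
    channel = []
    for f in send(lines):  # constructed lossy channel: drop seq 2 and 5, corrupt seq 6
        seq, kind, _, _ = parse(f)
        if kind == 0 and seq in (2, 5):
            continue
        if kind == 0 and seq == 6:
            f = f[:-1] + bytes([f[-1] ^ 0xFF])
        channel.append(f)
    return receive(channel)
```

In the demo the single loss in the first block is rebuilt from parity, while the two losses in the second block are reported as a gap for the monitoring side to act on rather than silently dropped.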
NST036 – Operations and Maintenance
NST036 (All I&C systems)
– Operations and maintenance activities should be analysed to ensure that computer security measures are implemented to prevent introduction of malicious software to the I&C system.
NSS 17 (Security Level 1)
– Strict organizational and administrative procedures apply to any modifications, including hardware maintenance, updates and software modifications.
Potential Control - Application Whitelisting
Definition
– Only software which is on a list of software that is considered safe to run is permitted to run. All other software is blocked.
How it Works
– A signature is generated and stored in the whitelist. The signature typically is the output of a cryptographic function applied to the program.
– When the program is run, the signature is recalculated and compared to the whitelist.
– If a program is changed then the signature will change and the program will be blocked.
– Any new program installed on the system will not have a signature and will be blocked.
Potential Control - Application Whitelisting
Advantages
– Only requires signature file updates when the software is modified.
– Deterministic behavior: the time to generate the signature is the same every time.
Disadvantages
– Inappropriate design may impede the ability of a system to respond as per its design requirements. Care should be taken in designing the whitelist.
– Hard to use in an environment where programs are changed frequently.
– May not be effective against programs that insert themselves into memory.
– Not effective for interpreted programs. The interpreter will be whitelisted, but the input files will not be. For example: python < badscript.py
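The mechanism described on the two whitelisting slides, as an added example that is not code from the slides or any whitelisting product: a SHA-256 baseline, the allow/block decisions for an unchanged, a modified and a new program, and the interpreter caveat (python < badscript.py), where the approved interpreter runs but the script it reads is never checked. File names and contents are constructed for the example.

```python
import hashlib
import tempfile
from pathlib import Path

# Added example for this page (not code from NST036 or any whitelisting product):
# a minimal hash-based application whitelist. The "signature" is a SHA-256 digest
# of the program file, recomputed at launch and compared to the stored baseline.

def signature(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_whitelist(approved: list[Path]) -> dict[str, str]:
    """Taken at baseline, after the system is hardened and the software is verified."""
    return {str(p): signature(p) for p in approved}

def check_execution(whitelist: dict[str, str], program: Path, inputs: list[Path]) -> tuple[bool, str]:
    """Decide whether `program` may run. The third outcome shows the slide's caveat:
    an approved interpreter runs, but the script it reads is never signature-checked."""
    key = str(program)
    if key not in whitelist:
        return False, "blocked: no signature on whitelist (new program)"
    if signature(program) != whitelist[key]:
        return False, "blocked: signature mismatch (program modified)"
    unsigned = [p.name for p in inputs if str(p) not in whitelist]
    if unsigned:
        return True, f"allowed, but input {', '.join(unsigned)} is not covered by the whitelist"
    return True, "allowed: signature matches"

def demo() -> dict[str, tuple[bool, str]]:
    """Exercise the slide's cases on constructed files in a temporary directory."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        app, interp = root / "plc_logger.bin", root / "python"
        app.write_bytes(b"\x7fELF constructed program bytes v1")
        interp.write_bytes(b"\x7fELF constructed interpreter bytes")
        wl = build_whitelist([app, interp])

        results["unchanged"] = check_execution(wl, app, [])
        app.write_bytes(b"\x7fELF constructed program bytes v2")  # modified on disk
        results["modified"] = check_execution(wl, app, [])
        dropped = root / "dropped.bin"
        dropped.write_bytes(b"\x7fELF constructed unknown program")
        results["new"] = check_execution(wl, dropped, [])
        script = root / "badscript.py"                  # python < badscript.py
        script.write_text("print('constructed script, never signed')\n")
        results["interpreted"] = check_execution(wl, interp, [script])
    return results
```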
NST036 – Operations and Maintenance
NST036 (All I&C systems)
– Calibration, testing and maintenance activities may involve the use of removable media and mobile devices. Computer security measures should include considerations for:
– the implementation of effective administrative and technical controls in the safe and secure handling of the digital devices;
– verification of the integrity of all control set points with the aim to prevent and protect them from undesired changes; and
– use of qualified personnel (including 3rd parties) that have received training in performance of these activities based on computer security requirements.
NSS 17 (Security Level 1)
– Removable media must be controlled in accordance with security operating procedures.
– Every data entry to the systems is approved and verified on a case-by-case basis.
– Measures to ensure the integrity and availability of the systems are typically explained as a part of the safety cases.
Potential Control - Logfile based IDS
Function
– Active device that analyses logfiles from one or more systems to identify security events.
Advantages
– Inexpensive and easy to use
Disadvantages
– The systems being monitored must support remote access to event logs or remote transmission of events to the IDS. This may not be possible on legacy ICS systems.
– Different structure and format of logfiles for different systems.
Network Intrusion Detection System
A network-based IDS is a device which analyzes network traffic to identify intrusion.
– Does not require changes to the ICS.
– Intrusion detection signatures are required.
– The signatures for ICS systems are different from signatures used in corporate environments.
– IDS aimed at corporate environments assume that there is a rigorous patch process in place, and old signatures are dropped to maintain adequate performance. This is not the case with ICS.
– ICS-specific signatures must be used to protect I&C equipment.
– When ICS network traffic is deterministic and uses limited protocols, effective rules can be developed which identify anomalous traffic.
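An added example (not from the slides or any IDS product) of the last point: rules derived from the deterministic traffic itself rather than from corporate-style signatures. The detector learns which conversations occur during a known-good baseline and how often per window, then flags a new talker, a known host on an unexpected service, and a polling burst. Addresses, the 2 s and 10 s polling pattern, window size and slack factor are assumptions constructed for the example.

```python
import re
from collections import Counter, defaultdict

# Added example, not from the slides or any IDS product: allowlist-style rules for
# a deterministic ICS segment. Instead of corporate-style signatures, the detector
# learns which (src, dst, proto, dport) conversations occur during a known-good
# baseline and how often per window, then flags anything outside that envelope.

FLOW = re.compile(r"^(?P<ts>\d+) (?P<src>\S+) -> (?P<dst>\S+) (?P<proto>\w+)/(?P<dport>\d+)$")
WINDOW = 10   # seconds per counting window (assumption for the example)
SLACK = 2     # tolerated multiple of the baseline peak before a rate alert (assumption)

def parse(lines):
    """Flow records as (ts, src, dst, proto, dport); malformed lines are skipped."""
    flows = []
    for ln in lines:
        m = FLOW.match(ln.strip())
        if m:
            flows.append((int(m["ts"]), m["src"], m["dst"], m["proto"], int(m["dport"])))
    return flows

def per_window(flows):
    counts = defaultdict(Counter)
    for ts, *key in flows:
        counts[ts // WINDOW][tuple(key)] += 1
    return counts

def learn(flows):
    """Baseline: every conversation seen, with its peak count in any one window."""
    peak = Counter()
    for c in per_window(flows).values():
        for key, n in c.items():
            peak[key] = max(peak[key], n)
    return peak

def detect(flows, peak):
    """Alerts as (kind, timestamp, conversation); each unknown conversation once."""
    alerts, reported = [], set()
    for ts, *key in flows:
        key = tuple(key)
        if key not in peak and key not in reported:
            reported.add(key)
            alerts.append(("unknown conversation", ts, key))
    for w, c in sorted(per_window(flows).items()):
        for key, n in c.items():
            if key in peak and n > peak[key] * SLACK:
                alerts.append(("rate exceeds baseline", w * WINDOW, key))
    return alerts

def demo():
    """Constructed traffic (addresses invented): an HMI polls two PLCs over Modbus/TCP
    every 2 s and a historian pulls from one PLC every 10 s."""
    hmi, hist, plc_a, plc_b = "10.1.1.10", "10.1.1.30", "10.1.1.20", "10.1.1.21"
    baseline = [f"{t} {hmi} -> {plc} tcp/502" for t in range(0, 60, 2) for plc in (plc_a, plc_b)]
    baseline += [f"{t} {hist} -> {plc_a} tcp/502" for t in range(0, 60, 10)]
    peak = learn(parse(baseline))
    live = [
        f"100 {hmi} -> {plc_a} tcp/502",
        f"100 {hmi} -> {plc_b} tcp/502",
        f"100 {hist} -> {plc_a} tcp/502",
        f"101 10.1.1.99 -> {plc_a} tcp/502",   # host never seen in the baseline
        f"102 {hmi} -> {plc_a} tcp/502",
        f"103 {hmi} -> {plc_a} tcp/22",        # known host, service it never used
        "garbage line that does not parse",
    ] + [f"104 {hmi} -> {plc_b} tcp/502"] * 20   # 21 polls in one window vs a baseline peak of 5
    return detect(parse(live), peak)
```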
Host based IDS
– A host-based firewall can identify new network communications and block them by default. An alert can be generated.
– Antivirus may be used to block malicious software based on a blacklist. This may not work so well in an ICS environment:
– Scanning is non-deterministic, based on the number of signatures.
– Requires regular signature updates and may require scanning engine updates.
– Vendors assume patching is in place, so old signatures are dropped.
– When the base O/S goes out of support, antivirus vendors will drop support for the O/S: no new signatures, no updates to the engine.
– Host-based IDS may also interpret network traffic in real time based on signatures and block traffic.
– These solutions all require software to be installed on the system to be protected. Additional system loading may affect real-time performance. They may also block needed software from running.
NST036 – Vendors
– Vendor and sub-vendor organizations should have robust and verifiable computer security processes.
– Computer security requirements and controls should be met and applied respectively by vendors, including support provided on site, at the vendor's workplace, and during any transit or storage of purchased goods.
– The vendor should have a computer security management process.
– The applicable requirements for computer security at sites where a vendor performs activities with I&C systems should be clearly and contractually specified, based on security level, by the operator.
– A process should exist between the facility (i.e. operators) and vendor for either organization to report vulnerabilities and to coordinate response and mitigation efforts.
– The vendor should demonstrate that they have a credible mechanism for receiving reports of vulnerabilities, assessing them and reporting them to the nuclear facility during the entire period of their contractual service. This may extend beyond any normal warranty period to support the life cycle of the installed equipment.
– Audits and assessment of vendors responsible for I&C design, development, integration, and maintenance should be conducted and the results reported to the operator.
NSS 17 vs. NST036
End